RSS Underground XML Article

Overview of XML Encryption

XML Encryption defines a process for encrypting plaintext data, generating ciphertext, and decrypting the ciphertext to retrieve the plaintext data.

Both the <EncryptionMethod> and <KeyInfo> elements are optional, i.e. the sender and receiver may agree on the encryption method and key in advance. Several elements use the definitions from DSIG.

If the recipient does not know the decryption key in advance, then the sender generates and sends it. The key can be protected in transit by encryption or by key agreement.

If the plaintext data to encrypt is an XML element or content, you encode it using UTF-8 and perform any necessary transforms on it. Otherwise, if it is an external resource, you simply treat it as an octet sequence. You then encrypt the data, creating CipherValue, which you place in EncryptedData.

Care must be taken when signing content that may later be encrypted: the content must be restored to exactly the original plaintext form for the signature to validate properly. To restore the plaintext in the signed content, use the decryption transform method for XML signature defined by the XML encrypt joint W3C and IETF working group.

This transform also lets you specify XML fragments that were encrypted and then signed with the rest of the document and that, therefore, are not decrypted to validate the signature. Often, encrypted fragments are removed from the signed information by using the XPath transform in the reference element, since the meaningful information is the plaintext.

We can sign the plaintext version of an encrypted element by including the appropriate reference element pointing to it. When the signed document is confidential and encrypted after being signed, you should also protect against surreptitious forwarding, in which the recipient forwards the signed confidential document to a competitor, encrypted with the competitor's public key, trying to make it look as if the sender sent the confidential information. To prevent surreptitious forwarding, the signer should append the recipient identities to the document being signed.

Digital Signatures in XML

The structure of a DSIG signature, with its four elements, can be written in a simple shorthand notation. Elements appear zero or more times if followed by "*", zero or one time if followed by "?", and one or more times if followed by "+". When not followed by a symbol, elements appear only once.

Removing the attributes and contents from the notation gives an example of a signature object that uses three of its four elements.

The signature object contains the cryptographic hash of any signed information, and a reference to the information itself. The signed information may be an arbitrary document; often, however, it will be an XML object. The ability to sign only specific elements of XML documents is one of the most important features of DSIG. It lets the unsigned parts of the XML document be enhanced, modified, or removed for privacy or efficiency while keeping the signature valid.

DSIG signatures may contain the signed XML object, be contained in the XML object, or be detached from the signed object or document. When the signed XML object envelops the signature, the enveloped signature value itself is not included in the signature calculation and validation computation. For this you use the enveloped-signature transform, which removes the whole signature element in which it is contained from the digest calculation.

Public key digital signatures that provide nonrepudiation, such as RSA, are computationally intensive operations; therefore, DSIG also allows shared-key authentication, which provides authentication but not nonrepudiation. Collision-resistant hashing of the signed content is also used to reduce the computational requirements.

Generating DSIG signatures:

1. Identify the resources to be signed.
2. Calculate the digest value and compose a reference element for each resource.
3. Compose the signed info element from all references.
4. Compute the signature value over the signed info element by applying the signature method's algorithm, such as DSA or RSA-SHA1.
5. Compose the signature element with the signed info, the signature value, the identity of the key used to sign, and other optional objects such as signature properties.

An XML DSIG may contain multiple reference elements in the same document.
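
The five generation steps above, together with the selective signing of individual elements described earlier, as an added example (not code from the original article): a simplified signer and verifier using shared-key HMAC-SHA256. It is not interoperable DSIG: elements carry no namespace or algorithm identifiers, the standard library's Canonical XML 2.0 is assumed as the canonicalization, and the function names, key and sample document are constructed for illustration.

```python
import base64, copy, hashlib, hmac
import xml.etree.ElementTree as ET

def c14n(elem):
    # Assumption: stdlib Canonical XML 2.0 stands in for the C14N a DSIG library applies.
    node = copy.copy(elem)
    node.tail = None  # text following the element is not part of it
    return ET.canonicalize(ET.tostring(node, encoding="unicode")).encode()

def sha256_b64(data, key=None):  # plain digest, or HMAC when a shared key is given
    h = hmac.new(key, data, hashlib.sha256) if key is not None else hashlib.sha256(data)
    return base64.b64encode(h.digest()).decode("ascii")

def by_id(root, ref_id):
    hits = [e for e in root.iter() if e.get("Id") == ref_id]
    return hits[0] if len(hits) == 1 else None  # missing or duplicated Id: never guess

def sign(root, ids, key, key_name):
    sig = ET.SubElement(root, "Signature")
    info = ET.SubElement(sig, "SignedInfo")                      # step 3
    for ref_id in ids:                                           # steps 1 and 2
        target = by_id(root, ref_id)
        if target is None:
            raise ValueError("Id must match exactly one element: " + ref_id)
        ref = ET.SubElement(info, "Reference", URI="#" + ref_id)
        ET.SubElement(ref, "DigestValue").text = sha256_b64(c14n(target))
    ET.SubElement(sig, "SignatureValue").text = sha256_b64(c14n(info), key)  # step 4
    ET.SubElement(ET.SubElement(sig, "KeyInfo"), "KeyName").text = key_name  # step 5
    return root

def verify(root, key):
    info = root.find("Signature/SignedInfo")
    if info is None:
        return False
    for ref in info.findall("Reference"):
        target = by_id(root, ref.get("URI", "")[1:])
        if target is None or sha256_b64(c14n(target)) != ref.findtext("DigestValue"):
            return False
    mac = sha256_b64(c14n(info), key).encode()
    stored = (root.findtext("Signature/SignatureValue") or "").encode()
    return hmac.compare_digest(mac, stored)  # constant-time MAC comparison

def demo(key=b"constructed-demo-key"):  # constructed sample key and document
    doc = '<order><item Id="i1">100 units</item><note>draft</note></order>'
    root = sign(ET.fromstring(doc), ["i1"], key, "demo-key")
    first = verify(root, key)
    root.find("note").text = "final"        # unsigned element edited
    second = verify(root, key)
    root.find("item").text = "900 units"    # signed element edited
    return first, second, verify(root, key)
```

The signature value covers only SignedInfo, so the data is protected indirectly through the digests; the references here point at sibling elements, so no enveloped-signature transform is needed.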

XML Promises and challenges

XML Born
The XML (Extensible Markup Language) 1.0 standard was published on February 10, 1998.
XML was born from the shortcomings of SGML (Standard Generalized Markup Language), which
was hugely complex, massively flexible and just plain hard to work with for many developers.
XML has taken off because it has all the best of SGML without many of the weaknesses.

XML Goal
XML took us beyond mere presentation of information and into the realm of representation
of information. This content is not just a mass of data to be rendered solely for viewing
on a web browser. Now the content could be structured and the meaning attached to this
structure could be transmitted as well.

HTML's difficulties
1- HTML does not reveal anything about the information to which HTML tags are applied.
HTML tag names don't describe what content is; they only imply how content appears.
For example, the HTML tag "Microsoft" appears in a web browser, but HTML cannot
tell whether it is a computer corporation, a piece of software, or a brand name.
2- Web applications relied too much on scripts at the server to process the data.
This makes the web slow and contributes to internet traffic.
3- You can't add new tags to the HTML language that are meaningful and useful.
4- HTML is a presentation technology only.

XML Success
Java technology enables browsers to function as generalized application platforms. The
result is true platform independence. XML provides information rich in metadata specified
in a standard format. XML and Java technology make it possible for more of an application's
work to be processed on the client side. This contrasts with the tendency of HTML pages to rely
on a script back at the server. With XML and Java technology, more client-based application
processing could reduce network and internet traffic, making the web faster.

XML Challenges
Converting any information from a display format such as HTML, RTF, MIF, or PostScript to a
structured format like XML will require that you understand what your information really
contains. This requires a document analysis and the determination of information semantics on
which different parts of your enterprise rely. Many enterprises in different business sectors
have established industry standard information models that can be expressed in XML and, more
importantly, can be shared.

Once the relevant information models and their expressions in XML are constructed, the effort
to convert existing information into the XML format can proceed. It may or may not be painful,
depending on the condition of the existing documents. These efforts can be done in house, or they
can be completed with the help of qualified consultants.

XML Resources

Easy XML is a simple XML editor that aids in the rapid building of XML applications.

Microsoft XML for SQL Web allows you to query database tables and receive the results as an XML document.

Microsoft XML Notepad is a simple HTML prototyping application for building and editing small sets of XML-based data.
